package com.admin.sys.base.module.shiro.web;

import com.admin.sys.base.module.extend.web.BaseController;
import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@RestController
public class ShiroController extends BaseController {
    //shiro重定向需要设置跨域，前端才能正确响应。
    //部署环境会跳转会首页|开发环境返回响应：访问异常，请检查后重试。
    @CrossOrigin
    @RequestMapping("/login")
    public ModelAndView author(HttpServletRequest request, HttpServletResponse response) throws Exception {
        StringBuffer requestURL = request.getRequestURL();
        String url = requestURL.toString();
        return new ModelAndView(url);
    }

    @CrossOrigin
    @RequestMapping("/unauthorized")//权限异常baseAction可以自己捕获
    public String error(HttpServletRequest request) {
        throw new UnauthorizedException("权限不足，请联系管理员！");
    }

}